Processing Personal Data is a risky activity but not complying with the GDPR will make it even riskier
The supervisory authorities may audit, serve warning, enforcement letter and fine of up to 20 million euros or 4% of the annual worldwide turnover whichever is higher.
Most of the Authorities' decisions and massive security breaches are reported in the media
Individuals must be notified of data breaches under certain circumstances
Customer relationship might suffer from non-compliance with data protection rules especially where customer's data protection request is not handled properly (e.g. right of access, data portability etc.)
Customers' trust may be lost if customers' data is misused or lost